Setting Up SSL Certificates On PHP Fog Apps

Let me tell you, it was something of an endeavor setting up an SSL certificate on a PHP Fog application, mostly due to lack of (obvious) documentation, but their technical support was extremely fast and helpful, so we were able to get through the issues quickly. Here’s a little step-by-step write up for those of you who might still be in the dark about the whole SSL certificate installation process.

First of all, be ready to fork over $20 per month to enable the ability to attach an SSL certificate to your PHP Fog application. (C’mon guys, really? I get that IPs are limited, and Amazon’s ELB has a price too, but there’s got to be a better and more cost effective way to do this.)

Second, you’re going to want to log into a computer with OpenSSL installed, so that you can generate the private key to sign your Certificate Request (CSR) file. Run the following command to generate the private key, and be sure to not use a PEM passphrase:

openssl genrsa -out phpfog.key 2048

Now, we are going to generate the Certificate Request. Run the following command to generate the CSR file, using www.yourdomain.com or *.yourdomain.com for the “Common Name” input when it prompts you:

openssl req -new -key www.reconapi.com.key -out phpfog.csr

You can now use this .CSR file to generate your SSL certificate from your provider. I used a Comodo PositiveSSL certificate from NameCheap, which ran me a grand total of $8.95 … however they’re currently running a promotion offering PositiveSSL certificates for $1.99 with the registration or transfer of a domain name. (affiliate link)

Once you generate your SSL certificate with your .CSR file, your provider will make the certificate available for download via e-mail or their website. Be sure to download all related certificates, including the intermediary certificate if there is one available.

Now, navigate to your application’s dashboard on PHP Fog, and select the SSL tab from the sidebar. You are going to be filling out two (possibly three) text boxes with relevant certificate information:

  • Paste the contents of www_yourdomain_com.crt into the Signed Certificate text box.
  • Paste the contents of phpfog.key into the box labeled RSA or DSA Private Key Used to Sign the Certificate.
  • If you received an intermediary certificate, check the box “Use intermediate certificate” and paste the contents of the intermediary certificate file into the text box that appears.

You should be good to go, just click the orange ‘Enable SSL’ button to proceed! Remember, you will have to add some sort of redirection to your application, it won’t automatically forward your visitors to the proper secure pages. I tried using mod_rewrite, however %{HTTPS} does not seem to work, so here’s a little PHP snippet that works instead:

if($_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https') {
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}"); exit;
}

Leave a Reply